官方文档
Contents
Basic installation and startup of the Kapacitor service is covered in
Getting started with Kapacitor.
The basic principles of working with Kapacitor described there should be understood before continuing here.
This document presents Kapacitor configuration in greater detail.
Kapacitor service properties are configured using key-value pairs organized
into groups.
Any property key can be located by following its path in the configuration file (for example, [http].https-enabled
or [slack].channel
).
Values for configuration keys are declared in the configuration file.
On POSIX systems this file is located by default at the following location: /etc/kapacitor/kapacitor.conf
. On Windows systems a sample configuration file can be found in the same directory as the kapacitord.exe
.
The location of this file can be defined at startup with the -config
argument.
The path to the configuration file can also be declared using the environment variable KAPACITOR_CONFIG_PATH
.
Values declared in this file can be overridden by environment variables beginning with the token KAPACITOR_
.
Some values can also be dynamically altered using the HTTP API when the key [config-override].enabled
is set to true
.
Four primary mechanisms for configuring different aspects of the Kapacitor service are available and listed here in the descending order by which they may be overridden:
- The configuration file.
- Environment variables.
- The HTTP API (for optional services and the InfluxDB connection).
- Command line arguments (for changing hostname and logging).
Note: Setting the property
skip-config-overrides
in the configuration file totrue
will disable configuration overrides at startup.
Startup
The Kapacitor daemon includes command line options that affect how it loads and
runs.
These include:
-config
: Path to the configuration file.-hostname
: Hostname that will override the hostname specified in the configuration file.-pidfile
: File where the process ID will be written.-log-file
: File where logs will be written.-log-level
: Threshold for writing messages to the log file. Valid values includedebug, info, warn, error
.
Systemd
On POSIX systems, when the Kapacitor daemon starts as part of systemd
, environment variables can be set in the file /etc/default/kapacitor
.
Start Kapacitor as part of
systemd
:$ sudo systemctl enable kapacitor
Start Kapacitor as part of
systemd
and start Kapacitor immediately:sudo systemctl enable kapacitor —-now
Define where the PID file and log file will be written:
- Add a line like the following into the
/etc/default/kapacitor
file:
KAPACITOR_OPTS="-pidfile=/home/kapacitor/kapacitor.pid -log-file=/home/kapacitor/logs/kapacitor.log"
- Restart Kapacitor:
sudo systemctl restart kapacitor
- Add a line like the following into the
The environment variable KAPACITOR_OPTS
is one of a few special variables used
by Kapacitor at startup.
For more information on working with environment variables,
see Kapacitor environment variables
below.
Kapacitor configuration file
The default configuration can be displayed using the config
command of the Kapacitor daemon.
kapacitord config |
A sample configuration file is also available in the Kapacitor code base.
The most current version can be accessed on github.
To get current configuration settings, you can use the Kapacitor HTTP API to get configuration values for settings that can be changed while the Kapacitor service is running. See Retrieving the current configuration.
TOML
The configuration file is based on TOML.
Important configuration properties are identified by case-sensitive keys
to which values are assigned.
Key-value pairs are grouped into tables whose identifiers are delineated by brackets.
Tables can also be grouped into table arrays.
The most common value types found in the Kapacitor configuration file include
the following:
- String (declared in double quotes)
- Examples:
host = "localhost"
,id = "myconsul"
,refresh-interval = "30s"
.
- Examples:
- Integer
- Examples:
port = 80
,timeout = 0
,udp-buffer = 1000
.
- Examples:
- Float
- Example:
threshold = 0.0
.
- Example:
- Boolean
- Examples:
enabled = true
,global = false
,no-verify = false
.
- Examples:
- Array –
- Examples:
my_database = [ "default", "longterm" ]
,urls = ["http://localhost:8086"]
- Examples:
- Inline Table
- Example:
basic-auth = { username = "my-user", password = "my-pass" }
- Example:
Table grouping identifiers are declared within brackets.
For example, [http]
, [deadman]
,[kubernetes]
.
An array of tables is declared within double brackets.
For example, [[influxdb]]
. [[mqtt]]
, [[dns]]
.
Organization
Most keys are declared in the context of a table grouping, but the basic properties of the Kapacitor system are defined in the root context of the configuration file.
The four basic properties of the Kapacitor service include:
hostname
: String declaring the DNS hostname where the Kapacitor daemon runs.data_dir
: String declaring the file system directory where core Kapacitor data is stored.skip-config-overrides
: Boolean indicating whether or not to skip configuration overrides.default-retention-policy
: String declaring the default retention policy to be used on the InfluxDB database.
Table groupings and arrays of tables follow the basic properties and include essential and optional features,
including specific alert handlers and mechanisms for service discovery and data scraping.
Essential tables
HTTP
The Kapacitor service requires an HTTP connection and important
HTTP properties,
such as a bind address and the path to an HTTPS certificate,
are defined in the [http]
table.
Example: The HTTP grouping
... |
Transport Layer Security (TLS) settings
If the TLS configuration settings is not specified, Kapacitor supports all of the cipher suite IDs listed and all of the TLS versions implemented in the Constants section of the Go crypto/tls
package documentation, depending on the version of Go used to build InfluxDB.
Use the SHOW DIAGNOSTICS
command to see the version of Go used to build Kapacitor.
ciphers = [ "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",]
Determines the available set of cipher suites. For a list of available ciphers, which depends on the version of Go, see https://golang.org/pkg/crypto/tls/#pkg-constants.
You can use the query SHOW DIAGNOSTICS
to see the version of Go used to build Kapacitor.
If not specified, uses the default settings from Go’s crypto/tls package.
min-version = "tls1.2"
Minimum version of the tls protocol that will be negotiated. If not specified, uses the default settings from the Go crypto/tls
package.
max-version = "tls1.2"
Maximum version of the tls protocol that will be negotiated. If not specified, uses the default settings from the Go crypto/tls
package.
Recommended configuration for “modern compatibility”
InfluxData recommends configuring your Kapacitor server’s TLS settings for “modern compatibility” — this provides a higher level of security and assumes that backward compatibility is not required.
Our recommended TLS configuration settings for ciphers
, min-version
, and max-version
are based on Mozilla’s “modern compatibility” TLS server configuration described in Security/Server Side TLS.
InfluxData’s recommended TLS settings for “modern compatibility” are specified in the following configuration settings example.
ciphers = [ "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305", |
Important:* The order of the cipher suite IDs in the
ciphers
setting determines which algorithms are selected by priority. The TLSmin-version
and themax-version
settings restrict support to TLS 1.2.
Config override
The [config-override]
table contains only one key which enables or disables the ability to
override certain values through the HTTP API. It is enabled by default.
Example: The Config Override grouping
... |
Logging
The Kapacitor service uses logging to monitor and inspect its behavior.
The path to the log and the log threshold is defined in [logging]
table.
Example: The Logging grouping
... |
Load
Starting with Kapacitor 1.4, the Kapacitor service includes a feature
that enables the loading of TICKscript tasks when the service loads.
The path to these scripts is defined in this table.
Example: The Load grouping
... |
Replay
The Kapacitor client application can record data streams and batches for testing
tasks before they are enabled.
This table contains one key which declares the path to the directory where the replay files are to be stored.
Example: The Replay grouping
... |
Task
Prior to Kapacitor 1.4, tasks were written to a special task database.
This table and its associated keys are deprecated and should only be used for
migration purposes.
Storage
The Kapacitor service stores its configuration and other information in the key-value Bolt database.
The location of this database on the file system is defined in the storage table
grouping.
Example: The Storage grouping
... |
Deadman
Kapacitor provides a deadman’s switch alert which can be configured globally
in this table grouping.
See the Deadman helper function topic in the AlertNode documentation.
For a Deadman’s switch to work it needs a threshold below which the switch will
be triggered. It also needs a polling interval as well as an id and message
which will be passed to the alert handler.
Example: The Deadman grouping
... |
InfluxDB
Kapacitor’s main purpose processing between nodes within an InfluxDB Enterprise cluster or between multiple clusters.
You must define at least one [[influxdb]]
table array configuration for an InfluxDB connection.
Multiple InfluxDB table array configurations can be specified,
but one InfluxDB table array configuration must be flagged as the default
.
Example: An InfluxDB connection grouping
{{% note %}} |
... |
Internals
Kapacitor includes internal services that can be enabled or disabled and
that have properties that need to be defined.
HTTP Post
The HTTP Post service configuration is commented out by default. It is used for
POSTing alerts to an HTTP endpoint.
Reporting
Kapacitor will send usage statistics back to InfluxData.
This feature can be disabled or enabled in the [reporting]
table grouping.
Example 9 – Reporting configuration...
[reporting]
# Send usage statistics
# every 12 hours to Enterprise.
enabled = true
url = "https://usage.influxdata.com"
...
Stats
Internal statistics about Kapacitor can also be emitted to an InfluxDB database.
The collection frequency and the database to which the statistics are emitted
can be configured in the [stats]
table grouping.
Example: Stats configuration
... |
Alert
Kapacitor includes global alert configuration options that apply to all alerts
created by the alertNode
[alert] |
Optional table groupings
Optional table groupings are disabled by default and relate to specific features that can be leveraged by TICKscript nodes or used to discover and scrape information from remote locations.
In the default configuration, these optional table groupings may be commented out or include a key enabled
set to false
(i.e., enabled = false
).
A feature defined by an optional table should be enabled whenever a relevant node or a handler for a relevant node is required by a task, or when an input source is needed.
For example, if alerts are to be sent via email, then the SMTP service should
be enabled and configured in the [smtp]
properties table.
Example 11 – Enabling SMTP
... |
Optional features include supported alert handlers, Docker services, user defined functions, input services, and discovery services.
Supported event handlers
Event handlers manage communications from Kapacitor to third party services or
across Internet standard messaging protocols.
They are activated through chaining methods on the Alert node.
Most of the handler configurations include common properties.
Every handler has the property enabled
. They also need an endpoint to which
messages can be sent.
Endpoints may include single properties (e.g, url
and addr
) or property pairs (e.g., host
and port
).
Most also include an authentication mechanism such as a token
or a pair of properties like username
and password
.
A sample SMTP configuration is shown in Example 11 above.
Specific properties are included directly in the configuration file and
discussed along with the specific handler information in the Alert
document.
The following handlers are currently supported:
- Alerta: Sending alerts to Alerta.
- Email: To send alerts by email.
- HipChat: Sending alerts to the HipChat service.
- Kafka: Sending alerts to an Apache Kafka cluster.
- MQTT: Publishing alerts to an MQTT broker.
- OpsGenie: Sending alerts to the OpsGenie service.
- PagerDuty: Sending alerts to the PagerDuty service.
- Pushover: Sending alerts to the Pushover service.
- Sensu: Sending alerts to Sensu.
- Slack: Sending alerts to Slack.
- SNMP Trap: Posting to SNMP traps.
- Talk: Sending alerts to the Talk service.
- Telegram: Sending alerts to Telegram.
- VictorOps: Sending alerts to the VictorOps service.
Docker services
Kapacitor can be used to trigger changes in Docker clusters. This
is activated by the SwarmAutoScale
and the K8sAutoScale nodes.
The following service configurations corresponding to these chaining methods can
be found in the configuration file:
-
Example 12 – The Docker Swarm configuration
...
[[swarm]]
# Enable/Disable the Docker Swarm service.
# Needed by the swarmAutoscale TICKscript node.
enabled = false
# Unique ID for this Swarm cluster
# NOTE: This is not the ID generated by Swarm rather a user defined
# ID for this cluster since Kapacitor can communicate with multiple clusters.
id = ""
# List of URLs for Docker Swarm servers.
servers = ["http://localhost:2376"]
# TLS/SSL Configuration for connecting to secured Docker daemons
ssl-ca = ""
ssl-cert = ""
ssl-key = ""
insecure-skip-verify = false
... -
Example: The Kubernetes configuration
...
[kubernetes]
# Enable/Disable the kubernetes service.
# Needed by the k8sAutoscale TICKscript node.
enabled = false
# There are several ways to connect to the kubernetes API servers:
#
# Via the proxy, start the proxy via the `kubectl proxy` command:
# api-servers = ["http://localhost:8001"]
#
# From within the cluster itself, in which case
# kubernetes secrets and DNS services are used
# to determine the needed configuration.
# in-cluster = true
#
# Direct connection, in which case you need to know
# the URL of the API servers, the authentication token and
# the path to the ca cert bundle.
# These value can be found using the `kubectl config view` command.
# api-servers = ["http://192.168.99.100:8443"]
# token = "..."
# ca-path = "/path/to/kubernetes/ca.crt"
#
# Kubernetes can also serve as a discoverer for scrape targets.
# In that case the type of resources to discoverer must be specified.
# Valid values are: "node", "pod", "service", and "endpoint".
# resource = "pod"
...
User defined functions (UDFs)
Kapacitor can be used to plug in a user defined function
(UDF), which can then be leveraged as
chaining methods in a TICKscript.
A user defined function is indicated by the declaration of a new grouping table with the following identifier: [udf.functions.<UDF_NAME>]
.
A UDF configuration requires a path to an executable, identified by the following properties:
prog
: A string indicating the path to the executable.args
: An array of string arguments to be passed to the executable.timeout
: A timeout monitored when waiting for communications from the executable.
The UDF can also include a group of environment variables declared in a table
identified by the string udf.functions.<UDF_NAME>.env
.
Example: Configuring a User Defined Function
... |
Additional examples can be found directly in the default configuration file.
Input methods
Kapacitor can receive and process data from sources other than InfluxDB, and the results of this processing can then be written to an InfluxDB database.
Currently, the following two sources external to InfluxDB are supported:
- Collectd: The POSIX daemon
collectd
for collecting system, network and service performance data. - Opentsdb: The Open Time Series Database (Opentsdb) and its daemon tsd.
Configuration of connections to third party input sources requires properties such as:
bind-address
: Address at which Kapacitor will receive data.database
: Database to which Kapacitor will write data.retention-policy
: Retention policy for that database.batch-size
: Number of datapoints to buffer before writing.batch-pending
: Number of batches that may be pending in memory.batch-timeout
: Length of time to wait before writing the batch. If
the batch size has not been reached, then a short batch will be written.
Each input source has additional properties specific to its configuration. They
follow the same configurations for these services used in
Influxdb.
Example: Collectd configuration
... |
Example 16 – Opentsdb configuration
... |
User Datagram Protocol (UDP)
As demonstrated in the Live Leaderboard
guide and the Scores
example, Kapacitor can be configured to accept raw data from a UDP connection.
This is configured much like other input services.
Example: UDP configuration
... |
Service discovery and metric scraping
When the number and addresses of the hosts and services for which Kapacitor
should collect information are not known at the time of configuring or booting
the Kapacitor service, they can be determined, and the data collected, at runtime
with the help of discovery services.
This process is known as metric scraping and discovery.
For more information, see Scraping and Discovery.
For scraping and discovery to work one or more scrapers must be configured. One
scraper can be bound to one discovery service.
Example: Scraper configuration
... |
The example above is illustrative only.
Discovery services
Kapacitor currently supports 12 discovery services.
Each of these has an id
property by which it will be bound to a scraper.
Configuration entries are prepared by default for the following discovery
services:
- Azure
- Consul
- DNS
- EC2
- File Discovery
- GCE
- Marathon
- Nerve
- ServerSet
- Static Discovery
- Triton
- UDP
Example: EC2 Discovery Service configuration
... |
The above example is illustrative.
Kapacitor environment variables
Kapacitor can use environment variables for high-level properties or to
override properties in the configuration file.
Environment variables not in configuration file
These variables are not found in the configuration file.
KAPACITOR_OPTS
: Found in thesystemd
startup script and used to pass
command line options tokapacitord
started bysystemd
.KAPACITOR_CONFIG_PATH
: Sets the path to the configuration file.KAPACITOR_URL
: Used by the client applicationkapacitor
to locate
thekapacitord
service.KAPACITOR_UNSAFE_SSL
: A Boolean used by the client applicationkapacitor
to skip verification of thekapacitord
certificate when connecting over SSL.
Mapping properties to environment variables
Kapacitor-specific environment variables begin with the token KAPACITOR
followed by an underscore (_
).
Properties then follow their path through the configuration file tree with each node in the tree separated by an underscore.
Dashes in configuration file identifiers are replaced with underscores.
Table groupings in table arrays are identified by integer tokens.
Examples:
KAPACITOR_SKIP_CONFIG_OVERRIDES
: Could be used to set the value forskip-config-overrides
.KAPACITOR_INFLUXDB_0_URLS_0
: Could be used to set the value of the
first URL item in the URLS array in the first Influxdb property grouping table,
i.e.[infludxb][0].[urls][0]
.KAPACITOR_STORAGE_BOLTDB
: Could be used to set the path to the boltdb
directory used for storage, i.e.[storage].botldb
.KAPACITOR_HTTPPOST_0_HEADERS_Authorization
: Could be used to set the
value of theauthorization
header for the first HTTPPost configuration ([httppost][0].headers.{authorization:"some_value"}
).KAPACITOR_KUBERNETES_ENABLED
: Could be used to enable the Kubernetes
configuration service ([kubernetes].enabled
).
Configuring with the HTTP API
The Kapacitor HTTP API can also be used to override
certain parts of the configuration.
This can be useful when a property may contain security sensitive information that should not be left in plain view in the file system, or when you need to reconfigure a service without restarting Kapacitor.
To view which parts of the configuration are available,
pull the JSON file at the /kapacitor/v1/config
endpoint.
(e.g., http://localhost:9092/kapacitor/v1/config).
Working with the HTTP API to override configuration properties is presented in
detail in the Configuration section
of the HTTP API document.
In order for overrides over the HTTP API to work,
the [config-override].enabled
property must be set to true
.
Generally, specific sections of the configuration can be viewed as JSON files by
GETting them from the context path built by their identifier from the config
endpoint.
For example, to get the table groupings of InfluxDB properties,
use the context /kapacitor/v1/config/influxdb
.
Security-sensitive fields such as passwords, keys, and security tokens are redacted when using GET.
Properties can be altered by POSTing a JSON document to the endpoint.
The JSON document must contain a set
field with a map of the properties to override and
their new values.
Example: JSON file for enabling the SMTP configuration
{ |
By POSTing this document to the /kapacitor/v1/config/smtp/
endpoint, the SMTP
service can be enabled.
Property overrides can be removed with the delete
field in the JSON document.
Example: JSON file for removing an SMTP override
{ |
By POSTing this document to the /kapacitor/v1/config/smtp/
endpoint the SMTP
override is removed and Kapacitor reverts to the behavior defined in the
configuration file.